DESCRIPTION:
A vulnerability has been discovered in Frontend-User-Access component
for Joomla!, which can be exploited by malicious people to disclose
potentially sensitive information.
Input passed via the "controller" parameter to index.php (when
"option" is set to "com_frontenduseraccess") is not properly verified
before being used. This can be exploited to include arbitrary files
from local resources via directory traversal sequences and
URL-encoded NULL bytes.
The vulnerability is confirmed in version 3.4.1 (free version). Other
versions may also be affected.
SOLUTION:
Edit the source code to ensure that input is properly verified.
PROVIDED AND/OR DISCOVERED BY:
wishnusakti + inc0mp13te

GET LASTEST UPDATE

SOCIAL MEDIA

The Joomla!® name and logo is used under a limited license granted by Open Source Matters the trademark holder in the United States and other countries.JoomlaCorner.com is not affiliated with or endorsed by Open Source Matters or the Joomla!® Project